CVE-1999-1475

ProFTPd 1.2 compiled with the mod_sqlpw module records user passwords in the wtmp log file, which allows local users to obtain the passwords and gain privileges by reading wtmp, e.g. via the last command.
References
Link Resource
http://www.securityfocus.com/archive/1/35483 Patch Vendor Advisory
http://www.securityfocus.com/bid/812 Patch Vendor Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:proftpd_project:proftpd:1.2:*:*:*:*:*:*:*

Information

Published : 1999-11-18 21:00

Updated : 2008-09-05 13:19


NVD link : CVE-1999-1475

Mitre link : CVE-1999-1475


JSON object : View

Advertisement

dedicated server usa

Products Affected

proftpd_project

  • proftpd